Chaotic Security Blog

I worked through a fascinating part of TryHackMe, which is related to Network Security and Traffic Analysis. A big part of doing SOC analyst work will be monitoring traffic-related events and understanding how these items are processed and how to analyze them. In this section, you learn about open source firewall tools like Snort and how to configure rules for them.

Following up with NetworkMiner, which helps you to network for endpoints and run various scans for both diagnostic and forensics needs.

It covers the basics of using Wireshark, analyzing PCAP files, and using Wireshark commands to dissect traffic streams and find key details. 

There was so much in this section that I know I will have to come back to review this again and again, but it was really fun to work with.
